Evidence-first bug hunting. A reusable skill that hunts bugs across any project — producing structured, evidence-backed reports before touching a single file.
Perfect for vibe coders, QA engineers, and teams who want a comprehensive bug audit before deployment, code review, or handoff.
This skill turns any AI coding agent into a systematic bug hunter. Instead of jumping to fixes, the agent:
| ✅ Does | ❌ Doesn't |
|---|---|
| Maps project structure & stack | Edit, create, or delete files |
| Runs existing test suites | Install dependencies |
| Runs lint/typecheck/build | Run migrations or DB writes |
| Inspects bug-prone areas | Make speculative fixes |
| Validates findings with evidence | Expose secrets in reports |
| Produces structured bug reports | Run destructive commands |
The agent produces a full Laporan Bug (Bug Report) with priorities, file locations, reproduction steps, and fix recommendations — then waits for your approval before fixing anything.
npx skills add wildanfadh/project-bug-hunter-skill# Clone to your skills directory
git clone https://github.com/wildanfadh/project-bug-hunter-skill.git ~/.pi/agent/skills/project-bug-hunter/Copy SKILL.md into your agent's skills/prompts directory:
git clone https://github.com/wildanfadh/project-bug-hunter-skill.git
cp project-bug-hunter-skill/SKILL.md ~/your-agent/skills/project-bug-hunter.mdMost agents auto-discover .md skill files in their skills directory.
Just paste the content of SKILL.md into your prompt or system instructions. The skill's rules take effect immediately.
Start any conversation with one of these triggers:
| English | Bahasa Indonesia |
|---|---|
| "find bugs in this project" | "cari bug di project ini" |
| "audit this repo" | "cek project ini" |
| "review code for defects" | "audit bug" |
| "check for hidden errors" | "review kode" |
| "scan directory now" | "temukan error tersembunyi" |
| "check this repo for bugs" | "scan direktori sekarang" |
The agent will:
- Map your project structure and detect the stack
- Run available tests, linters, and type checkers
- Inspect bug-prone areas (async, null handling, routing, auth, DB queries, etc.)
- Validate every finding with evidence (command output, file:line, reproduction steps)
- Produce a structured bug report in your language
- Wait for your approval before fixing anything
# Laporan Bug Project
## Ringkasan
- Root project: `/home/user/projects/my-app`
- Stack terdeteksi: Next.js 14 + TypeScript + Prisma
- Command yang dijalankan: `npm test`, `npm run lint`, `npm run typecheck`, `npm run build`
- Hasil umum: 2 test gagal, 5 type error, 1 build error
## Bug prioritas tinggi
### 1. Session tidak persisten setelah refresh
- Lokasi: `middleware/auth.ts:23`
- Bukti: Test `auth.test.ts > session persistence` gagal — token tidak disimpan ke cookie
- Dampak: User harus login ulang setiap refresh halaman
- Penyebab kemungkinan: `setCookie()` dipanggil tanpa opsi `maxAge`
- Rekomendasi fix: Tambahkan `maxAge: 60 * 60 * 24 * 7` pada pemanggilan `setCookie()`
- Cara verifikasi: `npm test -- auth.test.ts` → semua test pass
### 2. Prisma query N+1 di halaman dashboard
- Lokasi: `app/dashboard/page.tsx:45`
- Bukti: Query log menunjukkan 101 query untuk 1 halaman (1 user + 100 post queries)
- Dampak: Halaman lambat (2.3s response time)
- Penyebab kemungkinan: `include: { posts: true }` tidak menggunakan batch loading
- Rekomendasi fix: Gunakan `findMany` dengan `where: { userId: user.id }` dan `include`
- Cara verifikasi: Cek query count turun menjadi 2
## Bug prioritas sedang/rendah
### 3. Error boundary tidak menangkap error di nested component
- Lokasi: `components/Chart.tsx:12`
- Bukti: Error thrown dalam `useEffect` tidak tertangkap → white screen
- Dampak: UX buruk saat chart gagal render
...
## Potensi bug yang perlu konfirmasi
- `utils/formatCurrency.ts`: Tidak handle locale `id-ID` → mungkin salah format di production ID
...
## Pemeriksaan yang tidak bisa dijalankan
- Command: `npm run e2e`
- Alasan: Playwright tidak terinstall
- Saran: Install dengan `npx playwright install` lalu jalankan `npm run e2e`
## Langkah berikutnya
1. Fix bug #1 dan #2 (prioritas tinggi)
2. Install Playwright untuk E2E test
3. Review potensi bug #4 dengan tim frontendproject-bug-hunter-skill/
├── SKILL.md # The actual skill — copy this into any agent
├── skills/
│ └── project-bug-hunter/
│ └── SKILL.md # Standard layout for npx skills CLI
├── evals/
│ └── evals.json # Evaluation prompts for testing the skill
├── LICENSE # MIT License
├── .gitignore
└── README.md # This file
The evals/ directory contains test prompts to validate the skill works correctly across different agents, languages, and project stacks. Use them to ensure the agent produces complete bug reports with evidence before deploying to production workflows.
The skill auto-detects and works with:
| Language | Checks |
|---|---|
| JavaScript/TypeScript | npm test, npm run lint, npm run typecheck, npm run build |
| Python | pytest, ruff check, mypy |
| Go | go test ./..., go vet ./... |
| Rust | cargo test, cargo clippy |
| PHP/Laravel | composer test, php artisan test |
| Java/Kotlin | ./gradlew test, mvn test |
| Flutter/Dart | flutter test, dart analyze |
No dependencies? The skill falls back to static code inspection.
Most AI coding tools jump straight to fixes. They're great at writing code, but sometimes you need to understand the problem landscape first. This skill creates a safety boundary:
- Prevents premature fixes that miss the root cause
- Builds evidence — every finding tied to a file, command output, or reproduction step
- Works across stacks — auto-detection means no manual config
- Bilingual — supports English and Bahasa Indonesia triggers and reports
- Prioritized output — high/medium/low priority so you know what to fix first
Made for vibe coders who ship fast but want evidence before edits. 🔍
MIT — see LICENSE for details.
Wildan Fadh — github.com/wildanfadh
⭐ Star this repo if it catches bugs before they catch you!